CVE-2014-9322
Description
arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
5.23
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Dtrace-modules-3.8.13-55.1.2.el6uek update (ELSA-2014-3106) dtrace-modules-3.8.13-55.1.2.el6uek-0.4.3-4.el6.x86_64.rpm | Linux |
| Dtrace-modules-3.8.13-55.1.2.el7uek update (ELSA-2014-3106) dtrace-modules-3.8.13-55.1.2.el7uek-0.4.3-4.el7.x86_64.rpm | Linux |
| Dtrace-modules-3.8.13-68.el6uek update (ELSA-2015-3012) dtrace-modules-3.8.13-68.el6uek-0.4.3-4.el6.x86_64.rpm | Linux |
| Dtrace-modules-3.8.13-68.el7uek update (ELSA-2015-3012) dtrace-modules-3.8.13-68.el7uek-0.4.3-4.el7.x86_64.rpm | Linux |
| Improper Privilege Management Vulnerability (CVE-2014-9322) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234